From: A secure cloud storage system combining time-based one-time password and automatic blocker protocol
Penetrate test | Recent system [22] | Result | Test period/days | Proposed system | Results | Test period/days |
---|---|---|---|---|---|---|
Test 1: SQL injection | No SQL injects | Intact | 3Â h | No SQL injects | Intact | 1Â day |
Test 2: Broken authentication | The authentication is broken due to the usage of the static password | Not intact | 2 days | The authentication not broken due to usage TOTP at users’ side and APB at TPA side | Intact | 3, 5 days |
Test 3: Sensitive data exposure | The outsourced data encrypted using DES technique | Not intact | 3Â days | The outsourced data encrypted using AES technique | Intact | 3, 5Â days |
Test 4: CSRF | The sessions managed using HTTP | Not intact | 1Â day | The sessions managed using HTTPS | Intact | 3, 5Â days |
Test 5: Invalidated redirects and forwards | The spider found that some token is not assured | Not intact | Â day | The tokens between the users and CSP is assured | Intact | 3, 5Â days |